Hello, my name is Yaron, and I work for a company that does online accounting.
We have clients that have magento stores, and we want them to be able to add us
as a credit card payment provider with iframe on their stores checkout process
(We're pci compliance). My question is, should we creating an external extension which our clients will download from magento store? or integrate to their stores with api somehow?
What is the best way to do it? and can you help with related docs?
I'll appreciate any help.
Good day Yaron,
We'd be happy to help, we are currently retained by a wide variety of the top banks in North America to build and support their modules. Please email me at email@example.com to discuss.
Try our Stripe Payment for Magento 2. This module may solve your problem. It allows you to integrate payment method via a single API, so your customers can pay in 135+ currencies using the most convenient payment method.
What else it offers:
If you're the one who running your Magento store as monthly/yearly subscription payment methods then here this Magento 2 Stripe Subscription Payment Extension which would help your customers to pay for subscription products or services within Magento store.
If my answer is helpful, then give me kudos and accept as solution
in order to comply PCI you need to NOT save any card info on your server (there are several methods ways to still save the data however u CANT save full data ie ccnum exp and cvv is totally forbiden instead you can save ccnum and exp but if you need to do this you will have to crypt the whole data using aes256 along with some other things such as strong ssl and so on in my opinion i would suggest you to instead use a hosted checkout solution: when the customer comes to payment option he selects the mentioned merchant and it will popup a little window where the customer muy fill with credit card information however using this method makes "the card never really get in contact with your server/webhost" payment gateways such as stripe amex hosted payment evopayments and so on already use this "hosted checkout technology" to make youre life easier, also you need to add some security meassure such as AVS forbid common know fraud ip´s and so on (it mostly depends on the merchant solution) if you need help in any shape or form implementing amex gateway or eveopayments will be glad to help no matter what country same method i use for mexico pages should apply to all world with some slightly insignificant changes